Directory Permission Vulnerability in Hitachi Ops Center Analyzer
CVE-2022-3884

7.3HIGH

Key Information:

Vendor: Hitachi
Status: Hitachi Ops Center Analyzer
Vendor: CVE Published:; 28 February 2023

What is CVE-2022-3884?

A vulnerability exists in Hitachi Ops Center Analyzer due to incorrect default permissions that could allow local users to access, read, and modify sensitive files. This flaw primarily impacts the RAID Agent component of the software, compromising data integrity and potentially allowing unauthorized actions by users on affected versions. Users are advised to update to versions 10.9.0-01 or later to mitigate risks associated with this vulnerability.

Affected Version(s)

Hitachi Ops Center Analyzer Windows 10.9.0-00 < 10.9.0-01

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 28, 2023
Vulnerability Reserved
Nov 8, 2022